/**
* this is called when a user logs in
*
* @param STRING $name
* @param STRING $password
* @param STRING $fallback - is this authentication a fallback from a failed authentication
* @return boolean
*/
function loadUserOnLogin($name, $password, $fallback = false, $PARAMS = array())
{
global $login_error;
$GLOBALS['log']->debug("Starting user load for " . $name);
if (empty($name) || empty($password)) {
return false;
}
$input_hash = $password;
$passwordEncrypted = false;
if (!empty($PARAMS) && isset($PARAMS['passwordEncrypted']) && $PARAMS['passwordEncrypted']) {
$passwordEncrypted = true;
}
// if
if (!$passwordEncrypted) {
$input_hash = SugarAuthenticate::encodePassword($password);
}
// if
$user_id = $this->authenticateUser($name, $input_hash, $fallback);
if (empty($user_id)) {
$GLOBALS['log']->fatal('SECURITY: User authentication for ' . $name . ' failed');
return false;
}
$this->loadUserOnSession($user_id);
return true;
}
/**
* this is called when a user logs in
*
* @param STRING $name
* @param STRING $password
* @return boolean
*/
function loadUserOnLogin($name, $password)
{
global $login_error;
$GLOBALS['log']->debug("Starting user load for " . $name);
if (empty($name) || empty($password)) {
return false;
}
$user_hash = SugarAuthenticate::encodePassword($password);
$user_id = $this->authenticateUser($name, $user_hash);
if (empty($user_id)) {
$GLOBALS['log']->fatal('SECURITY: User authentication for ' . $name . ' failed');
return false;
}
$this->loadUserOnSession($user_id);
return true;
}
/**
* this is called when a user logs in
*
* @param STRING $name
* @param STRING $password
* @return boolean
*/
function loadUserOnLogin($name, $password)
{
global $login_error;
Log::debug("Starting user load for " . $name);
if (empty($name) || empty($password)) {
return false;
}
if (empty($_SESSION['lastUserId'])) {
$input_hash = SugarAuthenticate::encodePassword($password);
$user_id = $this->authenticateUser($name, $input_hash);
if (empty($user_id)) {
Log::fatal('SECURITY: User authentication for ' . $name . ' failed');
return false;
}
}
if (empty($_SESSION['emailAuthToken'])) {
$_SESSION['lastUserId'] = $user_id;
$_SESSION['lastUserName'] = $name;
$_SESSION['emailAuthToken'] = '';
for ($i = 0; $i < $this->passwordLength; $i++) {
$_SESSION['emailAuthToken'] .= chr(mt_rand(48, 90));
}
$_SESSION['emailAuthToken'] = str_replace(array('<', '>'), array('#', '@'), $_SESSION['emailAuthToken']);
$_SESSION['login_error'] = 'Please Enter Your User Name and Emailed Session Token';
$this->sendEmailPassword($user_id, $_SESSION['emailAuthToken']);
return false;
} else {
if (strcmp($name, $_SESSION['lastUserName']) == 0 && strcmp($password, $_SESSION['emailAuthToken']) == 0) {
$this->loadUserOnSession($_SESSION['lastUserId']);
unset($_SESSION['lastUserId']);
unset($_SESSION['lastUserName']);
unset($_SESSION['emailAuthToken']);
return true;
}
}
$_SESSION['login_error'] = 'Please Enter Your User Name and Emailed Session Token';
return false;
}
